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[Title] 

Method for linking of devices 

5 [Technical field of the invention] 

The present invention relates to a method for linking of a first characteristic of a 
first device to a second characteristic of a second device. The invention also 
concerns a server and a computer program loadable into a processing unit of a 
0 server. 

[Background of the invention] 

Linking of devices is defined by the achieving of an association of one or more 
15 characteristics of a first device with one or more characteristics of one or more 
further devices. A characteristic allows typically to identify a device, however, in 
a more general sense a characteristic can relate to any kind of information 
associated with a device. For linking of a first device to a second device, one or 
more characteristics of the first device are associated to one or more 
20 characteristics of the second device. One or more of the associated 

characteristics can be determined from the respective devices or from further 
entities knowing the respective characteristics. In general, linking of devices 
provides extended information due to the linkage, e.g. by revealing that two 
devices are linked at some point in time. A table may be used for the 
25 association of characteristics and characteristics may be different for different 
implementations of the linking method. 

Linking of devices is increasingly used for authentication purposes. When trying 
to access an institution like a system or service or device via a non-trusted 
30 device like a computer terminal or an automatic teller machine (ATM) or a door, 
an institution for that access is requested to initially does not have knowledge 
on the operator of the non-trusted device. For a lot of situations like 
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downloading publicly available information from the Internet or entering a public 
building this lack of knowledge is not problematic to the institution, i.e. access to 
the institution is provided via the non-trusted device to any person that is able to 
operate the non-trusted device. However, for accessing an institution where 
5 access restrictions apply, knowledge regarding the legitimization for access is 
necessary. This knowledge can be e.g. provided by an authentication procedure 
like verifying a user identity and a password entered into the non-personal 
device. Alternatively, linking to a trusted device can be used for authentication 
for granting access. 

10 

A trusted device is a device that is associated with an access legitimization as 
the main characteristic of a trusted device. An access legitimization legitimates 
the trusted device to access a particular institution. When presenting the trusted 
device to the particular institution, the access legitimization achieves that 

15 access to the particular institution is granted to the trusted device. The particular 
institution or an entity supporting the particular institution can have certain 
criteria to verify the access legitimization for granting access. Examples for a 
trusted device are a mobile phone being legitimated for accessing a mobile 
telephone network or a credit card being legitimated for accessing a payment 

20 service. Depending on the trusted device and the processing of the verification 
of the access legitimization, an identity of the legitimate owner of the trusted 
device can be obtained or it can be proven that that a person operating a 
trusted device is identical to or is authorized by the legitimate owner. The 
respective information may be associated with the access legitimization of the 

25 trusted device. 



Thus, when requesting access to an institution via a non-trusted device, a 
trusted device with an associated access legitimization can be presented. The 
associated access legitimization can be determined and can be associated to a 
30 characteristic like an identifier of the non-trusted device requesting access to 

the institution. Alternatively, a characteristic of the trusted device referring to the 
access legitimization associated with the trusted device can be associated to 
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the characteristic of the non-trusted device. The institution to that the access 
legitimization associated with the trusted device legitimates for access does not 
necessarily have to be identical to the institution to that the non-trusted device 
requests access to. Agreements between different institutions can ensure that 
5 an access legitimization legitimating for access to a first institution legitimates 
also for access to a second institution. The associated characteristics of the 
trusted and non-trusted device can be stored in a database for further 
processing, e.g. for statistical, charging or legal purposes. Based on the 
associated characteristics of the non-trusted and trusted device, access can be 

10 granted to or via the non-trusted device, because now the institution or the 
entity supporting the institution for authentication purpose is provided with 
knowledge on an access legitimization linked to a characteristic of the non- 
trusted device like an identifier identifying the non-trusted device. Depending on 
the trusted device and the implementation of the linking method, information 

15 about an identity of the legitimate owner of the trusted device or a proof that an 
operator of the trusted device is identical to or is authorized by the legitimate 
owner of the trusted device can be obtained and associated to the respective 
characteristic of the non-trusted device. Also an identity of the institution that is 
to be accessed can be associated. 

20 

More secure linking methods require in addition to the association of 
characteristics a proof that a first device and a second device that are to be 
linked are located in close proximity. The proof of the close proximity is seen as 
sufficient evidence that the operator of the first device is identical to or at least 
25 authorized by the operator of the second device. 

Different solutions exist for proving the close proximity that are described in the 
following: 

30 According to a first solution, a local connection between a first device and a 
second device that are to be linked can be used to send linking data from a 
server, e.g. a payment or authentication server, via the first device and the 



WO 2004/034237 PCT/EP2003/010780 

4 

second device and than back to the server or vice versa. A successful round-trip 
of the linking data is sufficient proof for the existing local connection and thus for 
the close proximity. Local physical connections like cables, docking stations, 
card readers or local wireless connections with transmission ranges of about 
5 less than 10 meters as provided by Infrared (IR) or Bluetooth can be used. 



According to a second solution, a person manually transfers linking data from a 
first device to a second device for proving the close proximity. For example, an 
authentication server supporting an institution that is to be accessed by a non- 
10 trusted device sends a randomly generated one-time password (OTP) as linking 
data to the trusted device. The person that operates the trusted device and the 
non-trusted device reads the linking data and manually types the linking data 
into the non-trusted device. As in the first solution, the round-trip of the linking 
data is seen as proof for the close proximity. 

15 

US-6,259,909 describes a round-trip of a code word used in a method for 
secure access by a user to a remote system. After an authentication of a first 
communications device by an access device, a code word is transmitted from 
the access device to a second communications device. Said code word 

20 received by the second communications device is further transmitted from the 
second communications device via the first communications device to said 
access device which can grant to the first and/or second communications 
device access to the remote system after a check for correctness of the code 
word received from the first communications device. A data processing unit can 

25 be used as first communications device and a mobile phone may be used as 
second communications device. 



The aforementioned solutions for proving the close proximity have 
disadvantages. A local connection requires compatible interfaces at the devices 
30 that are to be linked for transferring the data from one device to the other 

device. However, compatibility of interfaces is very often not given thus limiting 
the applicability of solutions based on local connections to a small fragment of a 
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potential market. This is especially true for local wireless connections, because 
appropriate local wireless interfaces like IR or Bluetooth transceivers are rather 
seldom on devices like personal computers (PCs), workstations, ATMs or older 
mobile phones. Using local physical connections requires to physically connect 
5 devices that are to be linked. However, physically connecting devices is an 

inconvenient and often even annoying task. Similarly, line-of-sight local wireless 
connection techniques like IR require appropriate aligning transceivers of 
devices that are to be linked. Furthermore, replacing a device by an appropriate 
further device requires to first remove the local connection from the device that 
10 is to be replaced and to attach the removed local connection to the appropriate 
further device thus increasing the inconvenience for the operator. 

Solutions based on manually transferred linking data requires the person that 
operates the first and the second device to be active in a sense that the person 

15 has to read the linking data that is to be transferred manually from the first 
device and to type it into the second device. In order to prevent to guess the 
linking data, the linking data should not be too short. However, reading of a 
longer sequence from the first device and typing of the longer sequence into a 
second device is not convenient and the probability for mistyping increases with 

20 the length of the sequence. It is annoying when the linking is rejected because 
of any reading or typing errors. 

[Summary of the invention] 

25 It is an object of the present invention to provide a method, a device, and a 

computer program, which enable a convenient linking of a first characteristic of 
a first device and a second characteristic of a second device. 

This object is achieved by the method as described in claim 1. Furthermore, the 
30 invention is embodied in a server as described in claim 9 and a computer 

program loadable into a processing unit of a server as described in claim 16. 
Advantageous embodiments are described in the further claims. 



WO 2004/034237 



6 



PCT/EP2003/010780 



For the linking of a first characteristic of a first device and a second 
characteristic of a second device by a server the following steps are executed. 

5 In a first step, a first linking information and a second linking information are 
selected with the requirement that the first linking information and the second 
linking information match. To this end, the first linking information does not 
necessarily have to be identical to the second linking information. 

10 Next, the first linking information is sent from the server to the first device and 
the second linking information is sent from the server to the second device. 

Furthermore, the first linking information is presented by the first device and the 
second linking information is presented by the second device. Presenting is to 

15 be understood as an output to a person. The output by the first device can be 
different from the output by the second device, however, the matching of the 
first linking information and the second linking information must be 
recognizable. Examples for non-identical matching linking information may be a 
first linking information being complementary or successional to a second 

20 linking information. 

After recognizing that the first linking information that is presented by the first 
device and the second linking information that is presented by the second 
device match, an indication of the matching is entered into the first device. For 
25 example, the operator of the first device can press a button on the first device or 
an appropriate voice-command can be used for entering the indication of the 
matching. 

Based on the entered indication of the matching, the first device sends to the 
30 server a matching confirmation. The matching confirmation confirms to the 

server the matching of the first linking information presented by the first device 
and the second linking information presented by the second device. 
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Based on the received matching confirmation, the first characteristic and the 
second characteristic are associated e.g. by correlating the first characteristic 
and the second characteristic in a table. 

5 

The proposed method enables a convenient linking of a first characteristic of 
first device and a second characteristic of a second device. Comparing of a first 
linking information presented by a first device and a second linking information 
presented by a second device and confirming the matching at one of the two 

10 devices according to the present invention requires much less action by a 
person compared to linking methods based on manually transferred linking 
data, because no lengthy sequences have to be read from a first device and 
manually typed into a second device. In addition, the possibility of mistyping can 
be completely avoided as no linking information has to be typed in making the 

1 5 proposed method much more convenient for a person. Furthermore, the method 
according to the invention does not require a local connection between the first 
device and the second device thus rendering compatible interfaces and 
attaching or removing of local connections unnecessary while at the same time 
increasing the applicability. Presenting of matching linking information by the 

20 first device and by the second device is furthermore advantageous, because it 
frees the operator of a first device from being aware of an address of a second 
device that is to be linked to said first device as it is the case for linking methods 
that require to enter or confirm an address of said second device at the first 
device for confirming the linking. However, very often an address of a device is 

25 not available, e.g. the address is not displayed or cannot be read out, or may 
change temporarily. Especially for a non-trusted device applies that an address 
is often not available for the operator, thus making the proposed method very 
suited for linking non-trusted devices, e.g. for linking an IP-address and port of a 
first computer terminal as first non-trusted device to an IP address and port of a 

30 second computer terminal as second non-trusted device for establishing a 
computer network comprising the two computer terminals. 
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According to a preferred embodiment, the first device is a trusted device and 
the first characteristic relates to an access legitimization that legitimates to 
access a first institution. Relating means that the first characteristic comprises 
the access legitimization and/or an identifier from that the access legitimization 
5 can be obtained. An example for an identifier from that an access legitimization 
legitimating for accessing a mobile telephone network can be obtained is a 
Mobile Station Integrated Services Digital Network Number (MSISDN) of a 
mobile phone. The associated characteristics can be further processed, e.g. for 
statistical, charging, or legal purpose. 

10 

According to another preferred embodiment, the second characteristic of the 
second device comprises an identifier identifying the second device. Access to 
a second institution is granted to or via the second device based on the 
associating of the first characteristic relating to the access legitimization and the 

15 second characteristic comprising the identifier. The second institution can be 
identical to or different from the first institution. Agreements can ensure that an 
access legitimization for accessing the first institution legitimates also for access 
to the second institution. Thus, the associating of the characteristic relating to 
the access legitimization and the second characteristic comprising the identifier 

20 for identifying the second device can provide the information that the second 
device is legitimated for accessing the second institution. Based on that 
information, access to the second institution can be granted. An access 
assertion may be sent from the server to the second device, to the second 
institution or a further entity supporting the second device or the second 

25 institution for granting access. The access assertion may comprise an access 
legitimization that legitimates for accessing the second institution which can be 
e.g. derived from the access legitimization that legitimates for accessing the first 
institution. Access to the second institution can be e.g. achieved by unlocking 
the second device for appropriate usage. 

30 

According to another preferred embodiment, a request for authentication 
triggers the linking. A request for authentication is common for conventional 
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authentication methods thus decreasing the implementation effort when using 
the proposed linking method for authentication purpose. Especially if an 
authentication is required for accessing the second institution, the second 
institution may just send the request for authentication and wait for an access 
5 assertion before granting access to the second device as it is the case for 
conventional authentication methods. Accordingly, the second institution does 
not necessarily have to be adapted to the particularities of the proposed method 
thus increasing the applicability of the proposed method. 



10 According to another preferred embodiment, the first linking information and the 
second linking information comprise one or more randomly generated symbols. 
Randomly generated symbols are beneficial due to security reason, because 
the probability is reduced that identical or similar linking information is presented 
in a first linking and in a second linking. Especially, if multiple non-trusted 

15 devices are located in close proximity, a person that has to confirm a matching 
of linking information may get easily confused if the same or very similar linking 
information is presented on the multiple non-trusted devices in his environment. 
Furthermore, randomly generated symbols are also advantageous, because the 
linking information can be processed in the way of a one-time password which 

20 is beneficial if the method according to the present invention is to be combined 
with a conventional linking method using one-time passwords. Examples for a 
symbol are a digit, a letter, an image, a photo, a picture, or an icon. 
Advantageous for the usage of digits, letters, and/or icons is their easy 
processing and presenting on a device having a simple display like it is 

25 integrated in a conventional Global System for Mobile Communication (GSM) 
mobile phone. Another advantage of digits and/or letters is that they can be 
easily converted for an acoustically presentation. The presenting of graphics 
like images, photos, pictures, and/or icons can be advantageous because a 
person usually recognizes more intuitively and faster the matching of graphics 

30 compared to letters and/or digits making the method more convenient. 
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According to another preferred embodiment, the first linking information is 
identical to the second linking information. Comparing and confirming the 
matching of identical linking information is typically more convenient compared 
to comparing and confirming of non-identical matching linking information. In 
5 addition, the usage of identical linking information is easier to implement in the 
server. 

According to another preferred embodiment, the associating of the first 
characteristic and the second characteristic can be based on a verification for 

10 correctness of confirmation data entered into the first device. The entering of 
confirmation data can be advantageous for security reasons, e.g. for making a 
person more aware or for personal authentication. For verification of the 
correctness of the entered confirmation data, the entered confirmation data has 
to match to predefined confirmation data. The first device or the server or both 

15 can execute the verification. If the server verifies the entered confirmation data, 
the confirmation data entered into the first device or data produced in the first 
device based on the entered confirmation data is to be sent to the server, e.g. 
included or attached to the matching confirmation. The server compares the 
entered confirmation data or the produced data to predefined confirmation data 

20 and executes the associating of the characteristics if the entered confirmation 
data or the produced data, respectively, matches to the predefined confirmation 
data. If the first device executes the verification, the first device has access to 
the predefined data that enables the first device to verify the entered 
confirmation data for correctness, e.g. the predefined data can be sent from the 

25 server to the second device or the predefined data can be stored on the second 
device. The first device compares the entered confirmation data with the 
predefined confirmation data and sends the matching confirmation to the server 
if the entered confirmation data matches to the predefined confirmation data. 
The method may be implemented in a way that the sending of the matching 

30 confirmation is an implicit indication for the verification for correctness of the 
entered confirmation data by the first device to the server. Based on the 
verification for correctness, the server can execute the associating of the first 
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and the second characteristic. Depending on the implementation, the 
confirmation data may be entered for indicating the matching of the linking 
information thus reducing the number of steps to be executed. 

5 According to a preferred embodiment, the confirmation data comprises at least 
one of (a) a Personal Identification Number, (b) a password, (c) an indication for 
additional information being presented in parallel to the first linking information 
or second linking information, the additional information being distinguishable 
from the first linking information and the second linking information, and (d) data 

10 being computed on the base of the first linking information and/or the second 
linking information. An entered Personal Identification Number (PIN) allows to 
personally authenticate the person that currently operates the first device and is 
especially advantageous to avoid unauthorized usage e.g. by preventing a thief 
to use a stolen device for a linking according to the invention. A password can 

15 be used in the same manner, but it may be easier to remember than a PIN. 

Presenting of the additional information in parallel to the first linking information 
or the second linking information may force the operator to thoroughly study the 
presented information in order to recognize the matching thus making the 
proposed method more secure. In addition, an indication for the additional 

20 information can be very short and easy to enter, e.g. by a digit or letter 

indicating the additional information. An alternative solution is entering of data 
being computed on the base of the first linking information and/or the second 
linking information that also increases the awareness of the person and thus 
makes the method more secure. Also, some persons may find the proposed 

25 linking method attractive just because of the computing step that requires the 
person to think for the correct answer, i.e. the correct confirmation data. 

The present invention also concerns a server in order to implement the method 
as described above. 

30 



The server can be used for linking of a first characteristic of a first device and a 
second characteristic of a second device. The server comprises a receiving unit 
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for receiving messages, a transmitting unit for sending messages, and a 
processing unit for processing messages and information. The processing unit 
is adapted to select a first linking information and a second linking information. 
The first linking information matches to the second linking information. The 
5 transmission unit is adapted to send the first linking information to the first 
device and the second linking information to the second device. The receiving 
unit is adapted to receive a matching confirmation from the first device with the 
matching confirmation confirming to the processing unit the matching of the first 
linking information presented by the first device and the second linking 
10 information presented by the second device. The processing unit is adapted to 
execute an associating of the first characteristic and the second characteristic 
based on the received matching confirmation. 

According to a preferred embodiment, the first device is a trusted device and 
1 5 the first characteristic relates to an access legitimization legitimating the trusted 
device for accessing a first institution. 

According to another preferred embodiment, the second characteristic 
comprises an identifier identifying the second device and, based on the 

20 associating of the first characteristic relating to the access legitimization and the 
second characteristic comprising the identifier, the processing unit is adapted to 
generate an access assertion for granting to or via the second device access to 
a second institution being identical or different from the first institution, and the 
transmission unit is adapted to send the access assertion to the second device 

25 or the second institution or to an entity supporting the second device or the 
second institution for granting access. 

According to another preferred embodiment, the receiving unit is adapted to 
receive a request for authentication triggering the processing unit to execute the 
30 linking. 
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According to another preferred embodiment, the processing unit is adapted to 
select the first linking information and the second linking information to comprise 
one or more randomly generated symbols. 

5 According to another preferred embodiment, the processing unit is adapted to 
select the first linking information being identical to the second linking 
information. 

According to another preferred embodiment, the processing unit is adapted to 
10 execute the associating of the first characteristic and the second characteristic 
based on a verification for correctness of confirmation data entered into the first 
device. 

The present invention also concerns a computer program comprising portions of 
15 software codes in order to implement the method as described above when 
operated on a server. The computer programs can be stored on a computer 
readable medium. The computer-readable medium can be a permanent or 
rewritable memory within a server or located externally. The respective 
computer program can be also transferred to a server for example via a cable or 
20 a wireless link as a sequence of signals. 

The computer program can be used for linking of a first characteristic of a first 
device an d a second characteristic of a second device. The computer program 
can be loaded into a processing unit of a server and comprises code adapted to 

25 select a first linking information and a second linking information. The first 
linking information matches to the second linking information. The computer 
program comprises code adapted to initialize a sending of the first linking 
information to the first device and a sending of the second linking information to 
the second device and to execute an associating of the first characteristic and 

30 the second characteristic based on a matching confirmation received from the 
first device with the matching confirmation confirming to the computer program 
the matching of the first linking information presented by the first device and the 
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second linking information presented by the second device. The computer 
program can be used in all embodiments of the method as described. 



In the following, detailed embodiments of the present invention shall be 
5 described in order to give the skilled person a full and complete understanding. 
However, these embodiments are illustrative and not intended to be limiting, as 
the scope of the invention is defined by the appended claims. 

[Brief description of the drawings] 

10 

Fig. 1 a shows a flowchart diagram of a first embodiment of the present 
invention; 



Fig. 1 b shows examples of processes and messages between devices 
15 according to the first embodiment of Fig. 1a; 

Fig. 2 shows an operator, devices and messages between devices of a 

second embodiment of the present invention; 

20 Fig. 3a shows a table comprising a first set of examples of presentations 
by a trusted and on a non-trusted device; 

Fig. 3b shows a table comprising a second set of examples of 
presentations by a trusted and on a non-trusted device. 



25 



[Detailed description of the invention] 



Figure 1a shows a flowchart diagram of a first embodiment of the present 
invention in which a request 50 for linking triggers the following steps of the 
30 method. Fig. 1b shows examples of processes and messages between devices, 
i.e. a first device PP1 and a second device NP1 that are to be linked and a 
server S1 , for carrying out the method according to the flow-chart depicted in 
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Fig. 1a. In the following, Fig. 1a and 1b are described in parallel. Identical 
references in Fig. 1a and 1b describe corresponding features. 



According to Fig. 1a, the first embodiment starts with a request 50 for linking. 
5 The request 50 for linking may originate from an entity being external to the 
server S1 or by the server S1 itself. The request 50 for linking can be sent from 
the second device NP1 to the server S1 by a request message 51 as depicted 
in Fig. 1b. The request 50 for linking triggers the server S1 to link the first device 
PP1 and the second device NP1 by associating a first characteristic of the first 

10 device PP1 and a second characteristic of the second device NP1 . In the 
request message 51 , the server S1 can be provided with an address of the 
second device NP1. Furthermore, the request message 51 can comprise an 
address of the first device PP1. Subsequently, the server S1 selects 75 the first 
linking information and the second linking information. Furthermore, the server 

15 S1 sends 100 the first linking information via message 101 to the first device 
PP1 and sends 150 the second linking information via message 151 to the 
second device NP1. Subsequently, the first linking information is presented 200 
by the first device PP1 and the second linking information is presented 250 by 
the second device NP1. After comparing the presented linking information and 

20 recognizing that the presented information match, the person that operates the 
first device PP1 executes an entering 300 of an indication of the matching into 
the first device PP1. Preferably, a request is output by the first device PP1 for 
the entering 300 of the indication of the matching and if tighter security 
requirements apply also for entering 350 of confirmation data like a PIN into the 

25 first device PP1 . According to the present example, the entered confirmation 
data is verified by the first device PP1 for correctness. The entering 300,350 of 
the indication of the matching and of the correct confirmation data triggers the 
sending 400 of a matching confirmation from the first device PP1 to the server 
S1 via message 401 . The matching confirmation confirms the matching of the 

30 first linking information that is presented on the first device PP1 and the second 
linking information that is presented on the second device NP1 and additionally 
provides the server S1 with information that the operator of the first device PP1 
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has been personally authenticated by entering the correct PIN. Furthermore, the 
server S1 is provided by the received matching information with a proof of the 
close proximity of the first device PP1 and the second device NP1 such that the 
server S1 can assume that the person operating the second device NP1 is 
5 identical to or at least being authorized by the person operating the first device 
PP1 . Based on the received matching confirmation, an associating 450 of a first 
characteristic of the first device PP1 and a second characteristic of the second 
device NP1 can be executed by the server S1 . Which characteristics are to be 
associated 450 may be indicated in the request 50 for linking. Additional 

10 determination steps may be executed to determine appropriate characteristics 
that are to be associated. A suitable example is to associate an address of the 
first device PP1 and an address of the second device NP2, e.g. the addresses 
that are known to the server S1 for sending 100,150 the linking information. 
Based on the associating 450 of the first characteristic and the second 

15 characteristic, a linking assertion can state the successful linking of the two 

devices PP1 ,NP1 . The linking assertion may be sent 501 to the second device 
as response to the request 50 for linking. 

When using as first device PP1 a trusted device, additional verification steps 
20 may be advantageous that are not shown in Fig.1 . In this case, the server may 
verify the access legitimization of the personal device for executing the linking, 
e.g. before sending the linking information to the respective devices. Especially, 
if access to an institution is requested for or via the second device NP1 , it can 
be checked if appropriate agreements exist allowing to access the institution by 
25 or via the second device NP1 based on the access legitimization of the trusted 
device. For example, it can be checked if an access legitimization of a mobile 
phone legitimating the mobile phone for accessing a mobile telephone system 
like a GSM or Universal Mobile Telecommunication System (UMTS) legitimates 
also for accessing an Internet service as example for the institution to that 
30 access is requested to via a computer terminal as example for a second device. 
By associating a first characteristic relating to the access legitimization of the 
first device, e.g. a mobile phone number as first characteristic, and a second 



WO 2004/034237 



PCT/EP2003/010780 



17 

characteristic that allows to identify the second device, access for or via the 
second device to the institution can be granted. 

For using the method as described in conjunction with Fig. 1a for authentication 
5 purpose, it is advantageous to replace the request 50 for linking and the linking 
assertion 500 by an appropriate request for authentication and an 
authentication assertion, respectively, and using as first device PP1 a trusted 
device. The request for authentication may be sent via message 51 to the 
server S1 . The steps 75-450 and corresponding processes and messages 75- 
10 450 can be executed as explained in conjunction with Fig. 1 . Based on the 
linking, the authentication assertion can be sent for granting access. For 
example, the authentication assertion may be sent via message 501 to the 
second device effecting e.g. an unlocking of the second device NP1 for getting 
access. 

15 

In general applies for the first and second device the following: for receiving the 
first linking information at the first device, the first device is equipped with a first 
receiving unit and for receiving the second linking information by the second 
device, the second device is equipped with a second receiving unit. For 

20 presenting the first linking information by the first device, the first device is 
equipped with a first output unit and for presenting the second linking 
information by the second device, the second device is equipped with a second 
output unit. Examples for an output unit are a display, a loudspeaker, or a 
printer, or a device that allows presenting of linking information by embossed 

25 symbols. The second device can be equipped with an input unit like a keypad or 
microphone for triggering the linking method e.g. by a request for authentication 
or linking. For the entering of the indication of the matching and the confirmation 
data if applicable, the first device is equipped with an input unit like a keypad, 
microphone, or touch-screen. 

30 

One or more of the aforementioned units for the first device and/or the second 
device may be removable. The fact that the first device and/or the second 
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device do not necessarily need to have an integrated receiving unit, 
transmission unit, input unit and/or output unit makes the proposed method 
much more flexible, e.g. as trusted device a credit card can be used inserted 
into a device similar to a card reader having in addition an input and output unit 
5 and a receiving and transmission unit as explained before. Furthermore, a 
presenting of linking information by a loudspeaker or in Braille makes the 
proposed method also easily operable by blind persons. 

In the following examples for trusted devices are described that may be used in 

10 the proposed linking method: firstly, a trusted device that legitimates for access 
to an institution without revealing an identity of the legitimate owner of the 
trusted device: according to this first example, one or more characteristics 
associated with the trusted device that are determinable by the institution when 
presenting the trusted device for getting access do not allow to identify the 

15 legitimate owner. To this end, a trusted device according to the first example 
can be provided to the legitimate owner without associating an identity of the 
legitimate owner to said one or more determinable characteristics. An example 
for such a trusted device is a ticket that legitimates for accessing an institution 
by revealing as access legitimization a name of said institution and a serial 

20 number not being associated with an identity of the legitimate owner. Secondly, 
a trusted device that legitimates for access to an institution which allows to 
obtain an identity of the legitimate owner; according to the second example, at 
least one of the characteristics of the trusted device determinable the institution 
is associated with an identity of the legitimate owner. Said identity can be stored 

25 at the trusted device, at the institution, and/or a further entity accessible by the 
institution. When said identity is stored at the institution and/or at the further 
entity, the trusted device has to be uniquely identifiable by the institution in 
order to obtain the identity of the legitimate owner. Thirdly, a trusted device that 
legitimates for access to an institution allowing a personal authentication, i.e. it 

30 is possible to prove that the person that operates the trusted device is identical 
to or is authorized by the legitimate owner. A secret like a Personal 
Identification Number (PIN) personally issued to the legitimate owner or a user 
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identity - password mechanism or personal information uniquely relating to the 
legitimate owner like a signature or photo can be used for personal 
authentication when presenting the trusted device for getting access. 
Authorization by the legitimate owner can be achieved by providing said secret 
5 to a further person that enables the further person to access the institution when 
presenting the trusted device. Examples for trusted devices allowing personal 
authentication are a credit card in combination with a signature or a GSM 
mobile phone in combination with a PIN. 

10 For linking of a trusted device, it depends on the trusted device and the 
processing of characteristics determinable by the server for the linking if 
information about the legitimate owner as explained before is provided to the 
server. If information about the legitimate owner is determinable, this 
information can be used in the associating step. As a general rule, for tighter 

15 security requirements a higher example number of trusted device is preferably 
used. In addition, a trusted device can be associated with characteristics like 
the date of issue, the date of expiry, or a value associated with trusted device 
that can be considered e.g. for the linking and/or for granting access. 

20 Fig. 2 shows a second embodiment of the proposed method. A person A2 that 
operates a trusted device depicted as mobile phone PP2 and a non-trusted 
device depicted as a computer terminal NP2 wants to access via the computer 
terminal NP2 a service provided by a server SP2 in the Internet. The computer 
terminal NP2 sends a request SR for service access to the server SP2 providing 

25 the service in the Internet. The server SP2 recognizes that an authentication is 
required for the requested service. The server SP2 can respond to the 
computer terminal NP2 with an authentication request message ARM1 asking 
for authentication, e.g. by asking to enter a MSISDN number. The person A2 
enters the MSISDN number of the mobile phone PP2 into the computer terminal 

30 NP2 and sends in an authentication response message ARM2 the entered 
MSISDN number to the server SP2. The authentication response message 
ARM2 can carry also the address of the computer terminal NP2 like an Internet 
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Protocol (IP) address and a port number. Based on the received authentication 
response message ARM2, the server SP2 sends a request RA for 
authentication to the server AS2. According to the present example, the request 
RA comprises the MSISDN number of the mobile phone PP2, the IP address 
5 and port number of the computer terminal NP2 and an IP address and port 
number of the server SP2. Optionally, an identifier or a name of the service 
and/or service provider and the time the request SR for service was received at 
the server SP2 can be included into the request RA. Triggered by the request 
RA, the server AS2 proceeds as follows: The server AS2 accepts the received 

10 MSISDN number as being legitimated for access to a mobile telecommunication 
system. Based on an analysis of the MSISDN number the server AS2 may also 
detect that the MSISDN number corresponds to a particular network operator. 
According to the present example, the server AS2 checks if the access 
legitimization according to the MSISDN number legitimates also for access to 

1 5 the sen/ice provided by the server SP2, e.g. according to an appropriate 
agreement made in advance or on request or by assuming an implicit 
agreement due to the fact that the server SP2 sends the MSISDN number in the 
request message 51. If personal authentication is required, the server AS2 may 
in addition obtain an identity of the legitimate owner of the MSISDN number, 

20 e.g. name and address of the person A2 presenting the mobile phone PP2 as 
trusted device. 

After accepting the MSISDN number of the mobile phone PP2 and the approval 
of the associated access legitimization, the server AS2 proceeds with the linking 

25 by selecting a first and a second linking information. According to the present 
example, the server AS2 selects and sends an identical sequence of pictures to 
the mobile phone PP2 and to the computer terminal NP2. The linking 
information for the computer terminal NP2 is sent in a message LIA1 to the 
server SP2 which further sends the linking information for the computer terminal 

30 NP2 via message LIA2 to the computer terminal NP2 where the linking 

information is presented on the computer screen as shown by the screen image 
DIN. The linking information for the mobile phone PP2 is sent in a message LIB, 
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e.g. via Short Message Service (SMS) or Multimedia Messaging Service (MMS) 
or WAP (Wireless Application Protocol) push, to the mobile phone PP2. The 
linking information is presented on the display of the mobile phone PP2 as 
shown by the screen image DIP. The method becomes more convenient and 
5 more secure, if the linking information presented on the mobile phone PP2 is 
presented in parallel with a request like 



"Dear [Name of person], 

You want to access the service [Name of sen/ice] at [Time of service request]. 
10 Please confirm the matching of the linking information presented on your mobile 
phone and your non-trusted device [Address] by pressing the YES button on 
your mobile phone followed by entering your PIN." 

The aforementioned request text includes entries given in brackets. These 
15 entries like the name of the person A2, the name of the service, the time of 

service request, and an address of the non-trusted device can be included into 
the message LIB and thus provided to the mobile phone PP2 for presentation if 
the server AS2 has this information available as explained before. 

20 If the linking information in the form of a sequence of pictures presented on the 
display of the mobile phone PP2 and on the screen of the computer terminal 
NP2 is identical and thus matches, the person A2 presses the "YES" button on 
the mobile phone PP2 and enters his PIN for confirmation of the matching. For 
the case that the information that is presented by the mobile phone PP2 and the 

25 information presented by the computer terminal NP2 do not match, a possible 
attack may be going on. In this case, the confirmation of the matching can be 
denied and thus the linking procedure can be terminated, e.g. by pressing "NO" 
or by entering a wrong PIN. According to the present example, the linking 
information matches and a matching confirmation is sent via a matching 

30 confirmation message MC from the mobile phone PP2 to the server AS2. 
Based on the received matching confirmation, the server AS2 links the 
computer terminal NP2 and the mobile phone PP2 by associating e.g. the 
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address of the computer terminal NP2 with the MSIDN number of the mobile 
phone PP2 and provides the server SP2 with an authentication assertion 
message AA comprising an authentication assertion. Based on the 
authentication assertion, the server SP2 can grant service access SA to 
computer-terminal NP2 for the person A2. If available or requested, the server 
AS2 may provide personal information related to the person A2 like the name 
and/or the address and/or a credit card number to the server SP2. The server 
SP2 can store the provided personal information in a database, e.g. for 
charging or statistically purposes or legal reasons. 

The embodiment of Fig. 2 uses a computer terminal as non-trusted device. 
However, the embodiments described in conjunction with Fig. 1a,1b, and 2 with 
a non-trusted device being for example a personal digital assistant (PDA), a 
workstation, a notebook, an ATM, a physical access unit like a door or a 
physical control device like a steering wheel. 

In Fig. 3a a table is shown with examples of matching linking information 
presented by a trusted device as an example for a first device and a non-trusted 
device as an example for a second device. The individual examples of linking 
20 information are indicated by identifying numbers (IDs). Identical sequences of 
digits 1a, of letters 2a, of icons 3a, of pictures 4a, and of a combination of letters 
and digits 5a are shown as examples for identical linking information. However, 
as stated earlier, matching linking information does not necessarily have to be 
identical. Examples for non-identical matching linking information are given in 
25 the examples 6a to 1 1a. Examples 6a and 7a reveal examples for successional 
matching linking information for sequences of digits and letters, respectively, i.e. 
sequences starting on the trusted device are continued on the non-trusted 
device or vice versa. 8a and 9a show examples for complementary matching 
linking information where a first sequence of icons is presented by the trusted 
30 device and a second sequence of icons identical to the first one but with 

reversed color is presented by the non-trusted device. 10a is an example for a 
computational matching linking information, i.e. the linking information 
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presented by the non-trusted device can be computed by the linking information 
presented by the trusted device or vice versa. Example 11a shows a sequence 
of pictures presented by the non-trusted device. The linking information 
presented by the trusted device is a sequence of names matching the sequence 
5 of pictures in text format. An implementation according to example 11a may be 
very useful if only one of the devices supports the presentation of pictures. It 
can be therefore advantageous to provide to the trusted device or to the non- 
trusted device or both a variety of formats of the linking information from that the 
format best suited can be selected for increasing the probability for presenting 
10 the linking information. Another example for non-identical matching information 
not shown in Fig. 3a is a puzzle, wherein one or more first parts of the puzzle 
can be presented by the trusted device and one or more further parts of the 
puzzle can be presented by the non-trusted device. 

15 Comparing and recognizing of a matching of graphical linking information like 
pictures, images, or icons can be easier for a person than of non-graphical 
linking information like digits or letters making the proposed method based on 
graphical linking information more convenient but also more secure as the 
probability for an erroneous recognition of the matching is decreased. As an 

20 example for a set of 100 icons, a sequence of 3 randomly chosen icons as 
linking information allows for 1 ,000,000 different sequences what makes the 
proposed method sufficiently secure on the one hand. On the other hand, a 
sequence of 3 icons is very easy and fast to compare compared to e.g. a 
sequence of six digits, which also allows for 1 ,000,000 different sequences. 

25 

Fig. 3b is used to explain how an entering of the indication of the matching can 
be executed and how an entering of confirmation data into the trusted device as 
an example for the first device can be performed. For this reason, examples for 
matching linking information presented by the trusted device and by a non- 
30 trusted device as example for the second device are shown. The presented 
matching linking information is supplemented by additional information 
presented in parallel to the respective matching linking information on one of the 
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devices. For recognizing the matching of the first linking information and the 
second linking information, the additional information should be clearly 
distinguishable from the matching linking information, e.g. according to the 
examples 1b-10b as explained in the following. For entering of an indication for 
5 the matching and/or the entering of confirmation data, an appropriate request 
may be presented by at least one of the devices that are to be linked. The 
entering of the indication for matching and for the confirmation data can be 
combined. 

1 0 According to the first example in 1 b, the matching linking information is given by 
a sequence of digits "123456" on both devices and the additional information by 
a sequence of Latin letters "ABCDEF" and sequence of Greek letters "tySnptS". 
The information as presented on the trusted device is numbered and matching 
of the linking information can be confirmed by typing in "2" into the trusted 

1 5 device for indicating that the information numbered "2" presented by the trusted 
device is the linking information that matches to the linking information 
presented by the non-trusted device. Alternatively, a pointing device like a 
mouse can be used for "clicking" on the linking information or the corresponding 
identifier, i.e. number "2" according to the present example. Also a vocal 

20 entering is possible for indicating the matching. 

2b shows a corresponding presentation of matching linking information, i.e. 
"ABCDEP, and additional information, i.e. "45T698" and "$rt%tz", with the 
additional information now being presented by the non-trusted device. As 
25 identifiers for the matching linking information letter "A" and for the additional 
information letters "B" and "C" are used. According to this example, an 
indication of the matching may be executed by entering "A" into the trusted 
device. 

30 According to the example in 1 b and 2b, the entering of the indication of the 

matching can be also made by trivial means without further making usage of the 
additional information presented to the person, e.g. by pressing "YES". An 
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additional confirmation step can request the entering of "2" or "A" as 
confirmation data according to example 1 b or 2b, respectively. 

Both examples 1b and 2b increase the complexity for the benefit of an increase 
5 of the security of the method. The person that operates the trusted device 

cannot just achieve the linking of the trusted device and the non-trusted device 
just by pressing a button or by other trivial means. Instead, he is forced to 
thoroughly compare the information presented by both devices and to make the 
right choice for the entering. 

10 

In the following examples 3b to 10b, the digit "0" represents additional 
information that can be easily distinguished from the matching linking 
information according to the present examples. The additional information can 
be e.g. presented separately from the linking information by the trusted device 

1 5 according to examples 8b to 1 0b or presented separately from the linking 
information by the non-trusted device according to the examples 4b to 7b or 
comprised in the linking information as depicted according to example 3b for 
additional information comprised in the linking information by the trusted device 
Additional information comprised in the linking information presented by the 

20 non-trusted device is also possible but not shown in Fig. 3b. 

According to the examples 3b to 10b, an indication of the matching can be 
made, e.g. by pressing the "YES" button, and than to enter confirmation data, 
i.e. the additional information "0" according to the examples 3b to 10b. 

25 

In 1 1b, identical linking information in form of a mathematical equation "3+5 = ?" 
is presented by both devices. The correct result "8" can be entered as 
confirmation data. 

30 Alternatively, the indication for the matching in the examples 3b to 10b and 1 1 b 
can be combined with the entering of confirmation data e.g. by requesting to 
indicate the matching by entering the additional information, i.e. "0" and "8" for 
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the examples 3b-10b and 11b, respectively. This implementation has the 
advantage that reduced action by the operator of the trusted device is required, 
e.g. pressing the "YES" button can be left out. 

5 The above embodiments admirably achieve the objects of the invention. 

However, it will be appreciated that departures can be made by those skilled in 
the art without departing from the scope of the invention which is limited only by 
the claims. 



